Skip to Content
0
Former Member
Jan 14, 2009 at 09:34 AM

ABAP and Flash 10 application via WebServices (security policy)

28 Views

Situation:

- We have a Flash application located on a SAP EP (letu2019s say ep.x.com)

- We have a SAP ABAP Application (Webservices) on a SAP WebAS server (abap.x.com)

- Clarification: This is not about Flash islands / but a normal Flash application communicating with WebAS ABAP via WebServices

Problem: Due to the changed security policy in Flash 10 this scenario does no longer work.

- A crossdomain policy file on root level cannot be deployed on root level

- The WebServices http/s headers cannot be modified, since the WebServices are generated by the WebAS IDE.

Comment: Technically there is a way to patch a WebAS ABAP, but this is not a practical / acceptable way in a normal SAP WebAS infrastructure.

Conclusion:

- The above scenario (Flash from EP content / WebAS ABAP as backend) is a quite normal scenario in the SAP world.

- SAP / Adobe always features the close relationship between their technologies.

Question:

- What could we do?

- How does the Visual Composer works around that problem?